Is North Korea behind the WannaCry Ransomware?
Security experts assume that hackers from North Korea are behind the WannaCry ransomware which in May infected thousands of computers around the world, encrypted data and demanded bitcoin to decrypt it again. Beyond this, we find some more news about North Korea and Bitcoin.
In May the WannaCry Ransomware wave hit 200,000 computers in the world. Like other malware, WannaCry infected a computer by an attached file in an email or something like this. But other than existing malware it automatically captured all other computers in a local network by exploiting an unfixed bug in Windows. After getting access to all the computers, WannaCry encrypts all data medium it can get – and wants Bitcoin to set it free.
WannaCry was the most serious wave of crypto malware goings though the world. It was immediately everywhere. Many public services have been affected, most prominently maybe some British hospitals and the display boards of Deutsche Bahn, which had to be shut down.
Now, after investigating the material, several security experts agree that the traces go to North Korea. The perpetrator is the Lazarus group, a group of hackers which is assumed to operate in North Korea. Earlier Lazarus hacked the government of South Korea, the arch-enemy of North Korea, as Sony and the Swift system of the Bank of Bangladesh.
According to the security experts, among the Kaspersky Lab and Symantec, there have been striking similarities in the code of WannaCry and earlier software written by Lazarus. Thus they assume that Lazarus is behind the malware epidemic.
The WannaCry suspicion is not the first time that such speculation on Bitcoin and North Korea hit the surface. Other than its reputation as “Stone Age Tyranny” the last real and uncompromising socialist dictatorship of the world seems to be open for payment innovation – as long as it helps to pull money from the world outside North Korea.
The methods North Korea is assumed to use Bitcoin to get money are, unsurprisingly, as bad as the country itself is assumed to be. The hack and rob. Cybercrime investigators in South Korea suspect hackers from North Korea for long to not just hack banks, but also Bitcoin exchanges. Since 2013 the investigators say the North Koreans have robbed Bitcoins worth $100,000 from exchanges. Further, it is said that North Korean hackers do use ransomware for some time.
However, much of the evidence indicates an amateur was behind the attack as the University of Surrey’s computer science professor Alan Woodward suggested:
“Whilst I wouldn’t put it past that regime to mount any form of attack, I’ve been very surprised at the certainty with which the attacks are being attributed to North Korea. The evidence is tenuous, and the attribution seems to ignore other evidence that appears to point elsewhere.”
“We seem to have created a new bogeyman in the form of the infamous North Korean Unit 180 – who are doubtlessly up to no good – but by settling for them as the culprits of this attack, there is a danger that we might stop looking and the real criminals might slink off into the dark.”
Not long ago Ex-NBA star Dennis Rodman visited North Korea with a crew of other Ex-NBA stars to play basketball in the country. One of his acquaintances has been a Bitcoin fan, who took the chance to give away bitcoin paper wallets to people from North Korea. Unfortunately, since the internet is very expensive in the country, most of them will not have the chance to use it.